diff --git a/internal/configs/configmaps.go b/internal/configs/configmaps.go
index a2433455ba..589545fca4 100644
--- a/internal/configs/configmaps.go
+++ b/internal/configs/configmaps.go
@@ -519,6 +519,9 @@ func GenerateNginxMainConfig(staticCfgParams *StaticConfigParams, config *Config
 		ResolverIPV6:                       config.ResolverIPV6,
 		ResolverTimeout:                    config.ResolverTimeout,
 		ResolverValid:                      config.ResolverValid,
+		RealIPHeader:                       config.RealIPHeader,
+		RealIPRecursive:                    config.RealIPRecursive,
+		SetRealIPFrom:                      config.SetRealIPFrom,
 		ServerNamesHashBucketSize:          config.MainServerNamesHashBucketSize,
 		ServerNamesHashMaxSize:             config.MainServerNamesHashMaxSize,
 		ServerTokens:                       config.ServerTokens,
diff --git a/internal/configs/version1/config.go b/internal/configs/version1/config.go
index 52231ac4d7..b41f52031d 100644
--- a/internal/configs/version1/config.go
+++ b/internal/configs/version1/config.go
@@ -166,6 +166,9 @@ type MainConfig struct {
 	ResolverIPV6                       bool
 	ResolverTimeout                    string
 	ResolverValid                      string
+	RealIPHeader                       string
+	RealIPRecursive                    bool
+	SetRealIPFrom                      []string
 	ServerNamesHashBucketSize          string
 	ServerNamesHashMaxSize             string
 	ServerTokens                       string
diff --git a/internal/configs/version1/nginx-plus.tmpl b/internal/configs/version1/nginx-plus.tmpl
index 9d24fcf70b..40a9aab7f8 100644
--- a/internal/configs/version1/nginx-plus.tmpl
+++ b/internal/configs/version1/nginx-plus.tmpl
@@ -115,6 +115,11 @@ http {
         ssl_certificate /etc/nginx/secrets/default;
         ssl_certificate_key /etc/nginx/secrets/default;
 
+        {{range $setRealIPFrom := .SetRealIPFrom}}
+        set_real_ip_from {{$setRealIPFrom}};{{end}}
+        {{if .RealIPHeader}}real_ip_header {{.RealIPHeader}};{{end}}
+        {{if .RealIPRecursive}}real_ip_recursive on;{{end}}
+
         server_name _;
         server_tokens "{{.ServerTokens}}";
         {{if .DefaultServerAccessLogOff}}
diff --git a/internal/configs/version1/nginx.tmpl b/internal/configs/version1/nginx.tmpl
index d59ec49b31..c4ac7c3e80 100644
--- a/internal/configs/version1/nginx.tmpl
+++ b/internal/configs/version1/nginx.tmpl
@@ -101,6 +101,11 @@ http {
         ssl_certificate /etc/nginx/secrets/default;
         ssl_certificate_key /etc/nginx/secrets/default;
 
+        {{range $setRealIPFrom := .SetRealIPFrom}}
+        set_real_ip_from {{$setRealIPFrom}};{{end}}
+        {{if .RealIPHeader}}real_ip_header {{.RealIPHeader}};{{end}}
+        {{if .RealIPRecursive}}real_ip_recursive on;{{end}}
+
         server_name _;
         server_tokens "{{.ServerTokens}}";
         {{if .DefaultServerAccessLogOff}}